Xxe

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172533...

CVE-2019-4730

CVE-2019-4730 affects IBM Cognos Analytics 11.0 and 11.1, where XML data processing is vulnerable to XML External Entity (XXE) injection. The root cause, as described in connected sources, is an XXE flaw that could allow a remote attacker to view sensitive information or exhaust memory resources....